package cn.wolfcode.web.controller;

import cn.wolfcode.domain.Employee;
import cn.wolfcode.qo.JsonResult;
import cn.wolfcode.service.IEmployeeService;
import cn.wolfcode.service.IPermissionService;
import cn.wolfcode.util.UserContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;
import java.util.List;

@Controller
public class LoginController {

    @Autowired
    private IEmployeeService employeeService;

    @Autowired
    private IPermissionService permissionService;

    @RequestMapping("/empLogin")
    @ResponseBody
    public JsonResult login(String username, String password, HttpSession session){
            Employee employee = employeeService.login(username,password);
            //登录成功存入session
//            session.setAttribute(UserContext.USER_IN_SESSION,employee);
            UserContext.setCurrentUser(employee);
            //如果不是超管, 去查询权限信息
            if (!employee.isAdmin()) {
                List<String> list = permissionService.selectByEmpId(employee.getId());

//                session.setAttribute(UserContext.EXPRESSION_IN_SESSION,list);
                UserContext.setExpressions(list);
            }
            if(!employee.isStatus()){
                return  new JsonResult(false,"账号已被禁用,请联系管理员");
            }
            return new JsonResult();
    }

    @RequestMapping("/empLogout")
    public String logout(HttpSession session){
        //销毁session
        session.invalidate();
        return "redirect:/login.html";
    }

    @RequestMapping("/nopermission")
    public String nopermission(){
      return "common/nopermission";
    }

}
